Jump to content

dragan

Members
  • Posts

    1,979
  • Joined

  • Last visited

  • Days Won

    21

Posts posted by dragan

  1. Thanks for sharing! We have taken over a trainwreck of a Craft site from another agency recently, and amongst a million other nuisances, the image resizer plugin they've chosen is end-of-life. Plus, the authors are fond of uploading huge images. I just might steal that line of code to bring the overall size down considerably...

    • Like 2
  2. The future looks bright! I'm very excited about the preview edition of GitHub Copilot. Finally someone putting AI to good use.

    Some of these suggestions are downright scary, they're so great. Write some code, a comment, then hit TAB. Boom. This is like Intellisense, but on steroids, and then some.

    Anyone else tried it? Care to share your experiences?

    • Like 3
  3. As far as I understand, Headless CMS and SSG aren't the same thing really. So which one do you really want?

    If you'd like to use an SPA framework like React, you'd probably want headless. If you'd like to automagically create static pages, it's a typical SSG setup.

    For headless, I'd try the AppApi module.

    For SSG, I'd use Pro Cache.

    I'm not sure what to make of your example comparison with WP and taxonomies. In PW, you create your own taxonomy or data model.

    It's easy to create JSON output from your PW instance. Use URL segments, and handle each /json request to your own script.

    11 hours ago, wbmnfktr said:

    The result was, that I had specific JSON feeds for everything I needed.

    It's ridiculously easy to create JSON feeds (just a bunch of URLs that match your selector). Is that all you really need? Sorry if I misunderstand you, but there's way more to a headless CMS than just having a URL feed.

    Again, I don't get what you really want in the end. If you need static sites, what good are "JSON feeds" for you?

    • Like 4
  4. What is an "external template"? You mean a regular frontend template?

    I'm not quite sure what you're asking: Reverse all child pages only? Or keep the page order as in the admin, but reverse the images per page only? If the latter, you could do something like:

    $imgs = $page->images;
    
    if ($imgs) {
        $gmi = array();
        foreach ($imgs as $img) {
            array_push($gmi, array($img->url, $img->description, $img->title));
        }
        $images = array_reverse($gmi);
        foreach ($images as $img) {
            $content .= "<h2>{$img[2]}</h2><img src='{$img[0]}' alt='{$img[1]}'>";
        }
    }

    Basically just array_reverse()

    • Thanks 1
  5. On 7/22/2018 at 4:58 PM, ryan said:
    Quote

    the possibility to reset passwords and disabling 2FA for a user

    There's already a password reset module built into PW. 2FA can be disabled for any individual account as needed. 

    I have a PW installation, where I activated 2FA for myself as superuser. Recently, my phone for some reason deleted several apps - one of them being Google Authenticator. I know how to reset a user password, but that won't help me in that particular situation.

    @ryan

    Is there an API method to deactivate 2FA for a certain user? In the docs, I only see $user->hasTfa().

  6. @picarica Could you please use a more civilized language in here? I'm no PW forum admin, but I'm pretty sure the F*** word is not welcome here.

    If you have a problem with that particular module, you should post your question in the respective support forum instead: 

     

    • Like 4
  7. 1 hour ago, rash said:

    The big plan behind would lead a bit too far

    I don't think so... the trick with PW hooks is to find out which hook to use, and whether to use before or after. Page::loaded seems to be the wrong method to hook into for what you want to achieve.

    Here are some code-bits I used in the past, and they all work as expected (inside site/ready.php)

        $this->addHookAfter('Pages::saveReady', function (HookEvent $event) {
            $page = $event->arguments[0];
    
    // ----------
    
        $pages->addHookAfter("ProcessPageEdit::buildForm", function (HookEvent $event) {
            $page = $event->object->getPage();
            $form = $event->return;
    
    // ----------
    
    $this->addHookBefore('Pages::saved(template=invoice, parent=23444)', function(HookEvent $event) {
        $page = $event->arguments(0);

     

    • Like 4
  8. That's where a proper IDE should kick in, to do its stuff (auto-suggest/auto-complete etc.). Mere text-editors can only do so much...

    With PW, that didn't really work so well for a long time. But if you enable the Functions API, and use page() instead of $page in your code, you'll get the hints in your working environment.

    /**
     * Allow core API variables to also be accessed as functions?
     *
     * Recommended. This enables API varibles like $pages to also be accessed as pages(),
     * as an example. And so on for most other core variables.
     *
     * Benefits are better type hinting, always in scope, and potentially shorter API calls.
     * See the file /wire/core/FunctionsAPI.php for details on these functions.
     *
     * @var bool
     *
     */
    $config->useFunctionsAPI = true;

     

    • Like 1
  9. 24 minutes ago, dragan said:

    Well, insert debug code (Tracy's d($var) or plain print_r() etc.) to see if any of your variables/functions doesn't do what you think it should.

    Did you do any of that? Do you have Tracy Debugger installed? Do you have debug mode enabled? Did you check if you have any hooks activated that could block your code? Saying "it doesn't work" without trying to debug each line of code makes it difficult to find the culprit, and for those people trying to help you. We don't even know your PW version, or what modules you have installed.

    For starters, what happens if you simplify the code and enter a few lines directly in the Tracy console (e.g. just edit the bio field). Does it work or not?

  10. 33 minutes ago, modifiedcontent said:

    and it still doesn't work

    Well, insert debug code (Tracy's d($var) or plain print_r() etc.) to see if any of your variables/functions doesn't do what you think it should.

    body and fullname are certainly fields you have added to the user profile yourself, they're not part of the default user template. Perhaps you need to check those fields in the user template where it says "What fields can a user edit in their own profile?"

  11. 14 hours ago, modifiedcontent said:

    most basic working example

    Well, I just tested out this on PW 3.0.167, and it works as expected:

    $user_roles       = user()->roles;
    $user_roles_count = count($user_roles);
    
    // make sure the current user has more than just default "guest" role
    if (($user_roles_count > 1) && !input()->post->ts) {
    
        $u_name = user()->name;
        $u_id   = user()->id;
        $here   = page()->url;
        $ts     = time();
    
        $form = <<<EOF
    
    <h1>Hello $u_name . Would you like to change your password?</h1>
    <form method="post" action="$here">
        <label for="new_pass">New password:    
            <input type="password" id="new_pass" name="new_pass" autocomplete="false">
        </label>
        <label for="new_pass2">Confirm new password:
            <input type="password" id="new_pass2" name="new_pass2" autocomplete="false">
        </label>
        <input type="hidden" id="uid" name="uid" autocomplete="false" value="$u_id">
        <input type="hidden" id="uname" name="uname" autocomplete="false" value="$u_name">
        <input type="hidden" id="ts" name="ts" autocomplete="false" value="$ts">
        <button type="submit">Change your password</button>    
    </form>
    
    EOF;
    
        echo $form;
    
    }
    
    if (input()->post->ts && input()->post->new_pass && input()->post->new_pass2 && input()->post->uid) {
        $out        = '';
        $errCount   = 0;
        $form_uid   = input()->post->uid;
        $form_uname = input()->post->uname;
        $curr_uid   = user()->id;
        $curr_uname = user()->name;
        $form_new_pass  = input()->post->new_pass;
        $form_new_pass2 = input()->post->new_pass2;
        $form_ts        = (int)input()->post->ts;
        $max_time       = 30 * 60; // 30 minutes
    
        // If the POST arrives a half hour later, something is probably fishy
        if ($form_ts < (time() - $max_time)) {
            $errCount++;
            $out = "It seems that it took you longer than 30 minutes to change your password - your request has been blocked due to security concerns. Please try again.";
        }
    
        // user has maybe manipulated the hidden form input fields
        if (($curr_uid != $form_uid) || ($curr_uname != $form_uname)) {
            $errCount++;
            $out = "Your request has been blocked due to security concerns. Please try again.";
        }
    
        // for added security, I would highly suggest to take this note seriously @ https://cheatsheet.processwire.com/user/user-properties/user-pass/
        // "you will need to add your own complexity checks for passwords to ensure they meet a minimum length and character requirement."
        // I'm not sure if there is an API sanitizer method available for this purpose
        // below is just a basic check to ensure both pw-field values are identical
        if (($form_new_pass !== $form_new_pass2)) {
            $errCount++;
            $out = "Your new passwords do not match. Please try again.";
        }
    
        // If we've got that far, we're ready to update the user's PW
        if ($errCount < 1) {
            $user_page = users()->get($curr_uid);
            $user_page->of(false);
            $user_page->pass = $form_new_pass;
            $user_page->save();
            $out = "Success! Your account has been updated with the new password you've chosen.";
        }
    
        echo $out;
    
    }

    If syntax like user()->roles doesn't work in your installation, you can either enable it in site/config.php ($config->useFunctionsAPI = true;) or re-write it with $user / $page / $input notation.

    • Like 2
  12. First things I'd do:

    • check PW logs
    • check server error logs (Apache / PHP)
    • inspect in the browser (JS errors)

    If you don't find any hints that way, you could see if it's a CSRF problem, or something to do with sessions. Switching to SessionHandlerDB can help (a core module). In one of my setups I had to put these two config values to false, when I encountered similar problems:

    $config->protectCSRF = false;
    $config->sessionFingerprint = false;

     

    • Like 1
  13. It's weird that mySQL Workbench doesn't show any INNODB_FT_DEFAULT_STOPWORD table, just these three:

    mysql-workbench.thumb.PNG.a789c4e64c6d2ca38af4ea372f16ba61.PNG

    That's with version 5.7.24 though. It seems strange that I don't see that table, but PW search works just fine.

    You could try to use the Migration Wizard from Workbench (with a local copy), perhaps you'll get more control with your import. But ultimately, since this is a system table, maybe you don't have enough rights to manipulate that anyway on your hosting setup.

×
×
  • Create New...